(Solve)Re: Securelevel dont let ipf read rules...
    perikillo 
    perikillo at gmail.com
       
    Tue Apr  5 07:51:04 PDT 2005
    
    
  
 One big mistake on my part. As you can see below, I was having problems with 
secure level and ipf, but the problem was this:
My old /etc/rc.conf was:
kernel_securelevel=3
But after checking man rc.conf again, it is
kern_securelevel
This way rc.conf doesn't let FreeBSD set that variable; now I can run ipf with 
secure level 3. Thanks to all.
On Apr 4, 2005 9:06 AM, perikillo <perikillo at gmail.com> wrote:
> 
> Hi all, I was testing my firewall with FreeBSD 4.11 Release and ipf in 
> the kernel. I have ppp set up to run every time I turn on the system. I 
> was using securelevel=2 in /etc/sysctl.conf
> kern.securelevel=2
> and /etc/rc.conf
> /etc/rc.conf:
> kernel_securelevel=2
> 
> After I saw that my firewall was ready to start its job, I decided to 
> change the secure level to the paranoid level and changed the secure level to 3:
> /etc/sysctl.conf:
> kern.securelevel=3
> /etc/rc.conf:
> kernel_securelevel=3
> 
> When I restarted my computer and tried to access the internet from my other 
> computer, which uses Windows 2k, I saw that my browser didn't find 
> anything. I made some tests on it, but there was no access to the outside 
> world. I went back to my firewall and tested the connection:
> 
> test#ifconfig
> 
> This showed that I was connected. Then I tested with ping and 
> fastest_cvsup; none of them reached the outside world. After this I tested ipf:
> 
> test#ipfstat -hio
> Oops, I didn't have any rules on my firewall. Then I went to:
> 
> test# ee /var/log/console
> 
> I went to the end of the file and read my last boot-up messages and saw that 
> when my system tried to read /etc/ipf.rules and /etc/ipmon.rules, the system 
> secure level=3 in /etc/sysctl.conf didn't let ipf and ipnat load their rule 
> sets. 
> "Operation Not Permite" (something like this, mmmm, I don't remember the exact 
> message :-\)
> 
> /etc/sysctl.conf goes before /etc/rc.conf. I was thinking that I could set 
> securelevel=1 in sysctl.conf and then in rc.conf, after ipf and ppp start, 
> set securelevel to 3, but my rc.conf doesn't do anything. 
> 
> How can I reach securelevel=3 and run my firewall? I don't want to input 
> anything directly; I want that baby (FreeBSD) to do everything automatically. 
> Maybe I need to set up a script???
> 
> Or am I doing something wrong?
> 
> I read man init but didn't see anything about this issue...
> 
> Thanks all for your comments.
> NOTE: FreeBSD 4.11 Release, ipfilter compiled into the kernel. This machine 
> runs only my firewall, no servers; it is an old Pentium 100MHz. I tried to 
> write my best English.
> 
> 
> 
>
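
The two mistakes described in this message (the misspelled rc.conf variable, and securelevel 3 set in /etc/sysctl.conf before ipf and ipnat load their rules) can be caught before a reboot. The script below is an added example, not part of the original post; the function name and the sample file contents are constructed, and the kern_securelevel_enable check comes from rc.conf(5) rather than from this thread.

```shell
#!/bin/sh
# Added example, not from the thread: lint the two boot files for the
# securelevel mistakes described in the post. Prints one finding per line
# and returns 1 if anything was found, 0 otherwise.
check_securelevel() {
    rc_conf=$1 sysctl_conf=$2 found=0

    # The typo from the post: rc never reads a variable it does not know.
    if grep -Eq '^[[:space:]]*kernel_securelevel=' "$rc_conf"; then
        echo "rc.conf: kernel_securelevel is ignored; the knob is kern_securelevel"
        found=1
    fi

    # Assumption from rc.conf(5), not the thread: the level is only applied
    # when kern_securelevel_enable is set to YES.
    if grep -Eq '^[[:space:]]*kern_securelevel=' "$rc_conf" &&
       ! grep -Eiq '^[[:space:]]*kern_securelevel_enable="?yes"?' "$rc_conf"; then
        echo "rc.conf: kern_securelevel set without kern_securelevel_enable=\"YES\""
        found=1
    fi

    # The post's other finding: sysctl.conf is applied before ipf and ipnat
    # load their rules, so level 3 there leaves the firewall without rules.
    lvl=$(sed -n 's/^[[:space:]]*kern\.securelevel=\([0-9][0-9]*\).*/\1/p' \
        "$sysctl_conf" | tail -n 1)
    if [ -n "$lvl" ] && [ "$lvl" -ge 3 ]; then
        echo "sysctl.conf: kern.securelevel=$lvl is set before ipf rules load"
        found=1
    fi
    return "$found"
}

# Constructed sample files: "before" mirrors the post's broken setup,
# "after" is one assumed corrected layout.
demo_dir=$(mktemp -d)
printf 'ipfilter_enable="YES"\nkernel_securelevel=3\n' > "$demo_dir/rc.before"
printf 'kern.securelevel=3\n' > "$demo_dir/sysctl.before"
printf 'ipfilter_enable="YES"\nkern_securelevel_enable="YES"\nkern_securelevel="3"\n' \
    > "$demo_dir/rc.after"
: > "$demo_dir/sysctl.after"

check_securelevel "$demo_dir/rc.before" "$demo_dir/sysctl.before" || true
check_securelevel "$demo_dir/rc.after" "$demo_dir/sysctl.after" && echo "after: clean"
```

On a real system, pass /etc/rc.conf and /etc/sysctl.conf as the two arguments.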